Candidate: CVE-2010-4005
PublicDate: 2010-11-06 00:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4005
Description:
 The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and
 earlier place a zero-length directory name in the LD_LIBRARY_PATH, which
 allows local users to gain privileges via a Trojan horse shared library in
 the current working directory.  NOTE: vector 1 exists because of an
 incorrect fix for CVE-2005-4790.2.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_tomboy:
upstream_tomboy: released (1.2.2-2)
dapper_tomboy: ignored (reached end-of-life)
hardy_tomboy: ignored (reached end-of-life)
karmic_tomboy: ignored (reached end-of-life)
lucid_tomboy: ignored (reached end-of-life)
maverick_tomboy: ignored (reached end-of-life)
natty_tomboy: ignored (reached end-of-life)
oneiric_tomboy: ignored (reached end-of-life)
precise_tomboy: ignored (reached end-of-life)
precise/esm_tomboy: DNE (precise was needed)
quantal_tomboy: ignored (reached end-of-life)
raring_tomboy: ignored (reached end-of-life)
saucy_tomboy: ignored (reached end-of-life)
trusty_tomboy: not-affected (1.15.4-0ubuntu1)
trusty/esm_tomboy: DNE (trusty was not-affected [1.15.4-0ubuntu1])
utopic_tomboy: ignored (reached end-of-life)
vivid_tomboy: ignored (reached end-of-life)
vivid/stable-phone-overlay_tomboy: DNE
vivid/ubuntu-core_tomboy: DNE
wily_tomboy: ignored (reached end-of-life)
xenial_tomboy: not-affected (1.15.4-0ubuntu1)
yakkety_tomboy: ignored (reached end-of-life)
zesty_tomboy: ignored (reached end-of-life)
artful_tomboy: ignored (reached end-of-life)
bionic_tomboy: not-affected (1.15.4-0ubuntu1)
cosmic_tomboy: not-affected (1.15.4-0ubuntu1)
devel_tomboy: not-affected (1.15.4-0ubuntu1)